TUKUL's guide to securing XP Proff

About securing XP, if one can configure it properly- even XP sans any service pack can be very secure. Since a lot of people keep asking me about this, I have put some effort and put it on my blog, 'noeticnovice.blogspot.com Some are common sense really, while others are a bit arcane, to say the list. I had done a fair amount of research ( on the net ) on this and following are my tweaks. If system is unstable afterwords, please don't throw brickbats at my picture (if you have one).

TUKUL's guide to securing XP Proff
----------------------------------------------------------
1> Go to control panel (or start menu), open Admin tools, computer mgmt, local users and groups, click on 'Users' On the right panel you will find under names column Two users that MS windows creates at the time of installation. These two users are the bane of many of XP users problems as they let hackers in all too easily. Promptly right click on each of these users and choose delete. Congratulations - you have removed nearly half ( 40 % ) of your security woes already!

2> Go to control panel (or start menu), open Admin tools, then services
You will find a list of services ( programs that run in the background and don't show up on the taskBar )
Under the names column find entry called 'Automatic Updates'
Right click on it, choose 'Properties', choose startup type as disabled.
Your System is now ( 50 % ) secure.
3> With in services, skim down a bit further to find 'Error Reporting Service' and give it the same treatment as before-
ie Right click on it, choose 'Properties', choose startup type as disabled.
Your prized system is now 55% secure. What - just 5%, well- we still have some way to go, and I'm afraid I may be running out of percentages later.
4> Met out the same treatment to the 'Messenger' service, ie disable it. Add 5% more to our all important tallly!
5> Also disable the 'Remote Desktop Help Session Manager' service. Add 10% more to your right to gloat.
6> And Finally find the 'Remote Registry' service, and take it out on it, and disable it with extreme vengence. Add 10% more to take your total tally to 80%
NOTE -1. These services have been put by very 'thawtful' people at Microsoft so your life might be a living hell, and are otherwise mostly useless.
2. I may have developed an unhealthy obsession with percentages in the course of writing this guide.
7> The 'Task Scheduler' service can also be used by hackers, but is also useful to schedule tasks, so I leave it to the reader (Bapi dada) to decide if they need it. Most people don't use it manually, but some old programs might.
8> Open my network places, under network tasks click 'show all connections' , Right click on the network connection you use, what the hell, why hold back, do this for all the connections you see, LAN or dialup, without any discrimination or mercy
Right click on the connection, Choose 'Properties' , In the field titled 'This connection uses the following items' find and deselect the following entries
'File and Printer Sharing for microsoft networks' , 'Client for microsoft nerworks' and
most importantly 'NW Link IPX/SPX/NetBIOS Compatible Transport Protocol'.
This will secure your precious system further to upto a whoping 90% !!!!
9> Don't ever use MS Internet Explorer ver 6 or less. XP Service pack 2 (SP2) is required to use IE7, I have used IE7 and have found few holes in it till now. But if in doubt or you simply hate Microsoft for all your past woes, Get Firefox3 , it is great and finally stable, and lets you save previously browsed tabs. I strongly recommend Firefox3
10>Optionally use NTFS filesystems in all the drives.
11> Disable Fast user switching in 'User Accounts' - open control Panel, 'User Accounts' ,
click 'change the way users log on and off' and deselect 'Use Fast User Swtching'. and click 'Apply Options'
12> Many commonly used sofware have spyware, adware Eg- Kaza, morpheus, Yahoo Messanger, MSN Messenger and ironically some Anti Spyware or Anti Malware sofware too!! and should be used restrictively if at all. Try to find alternatives and if use is necessary, remove from startup by-
Click on start, click Run, type msconfig, click OK, click startup tab on top, and deselect most items like qttask, messengers, etc
One can see the entry in the command column that tells you which .exe file runs at startup for a perticular entry, which gives a better idea about the startup item, (the names are somtimes to crypt for us to understand anything from it)
12> And lastly, DO NOT download files with .exe or .com extentions from little knows sites and run them on your computer.
Most Flash games are malware ( viruses, spyware, adware, spamming worms etc)
Same goes for attachments, and if you have a compulsive urge to open attachments titled 'Nude pics of Anna Kournikova' Please seek help from a good shrink immediately. No one can help you if you are the one who lets the baddies into your house.

I may have missed out a few and will add them if and when I remember them. If you feel strongly about any other tweaks, feel free to write me comments or email me. I assume no responsibilty, if after doing all or any of above, you trashed your (crappy) system, but write me anyway and I will try and help you if I can.
If my blog has helped you- tell your friends about it while you enjoy a trouble free internet experience (99%). If not and you feel some ill will toward me &*(#@*&#$% right back at you with no apologies.